3503 matches found
CVE-2022-50951 WiFi File Transfer 1.0.8 Persistent XSS via Web Server Input Validation
WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...
PT-2026-5572
WiFi File Transfer 1.0.8 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through file and folder names. Attackers can exploit the web server's input validation weakness to execute arbitrary JavaScript when users preview infect...
dooblou WiFi File Transfer 跨站脚本漏洞
Dooblou WiFi File Transfer is a file transfer application developed by the dooblou company. Version 1.0.8 of Dooblou WiFi File Transfer contains a cross-site scripting vulnerability. This vulnerability stems from the use of file and folder names that contain storage-type cross-site scripts,...
CVE-2020-37032 Wing FTP Server 6.3.8 - Remote Code Execution
Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the...
CVE-2020-37029 FTPDummy 4.80 - Local Buffer Overflow
FTPDummy 4.80 contains a local buffer overflow vulnerability in its preference file handling that allows attackers to execute arbitrary code. Attackers can craft a malicious preference file with carefully constructed shellcode to trigger a structured exception handler overwrite and execute system...
CVE-2025-15541
Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk...
CVE-2025-15541
Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk...
CVE-2025-15541
Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk...
CVE-2025-15541
The CVE-2025-15541 entry describes an improper link resolution in the VX800v v1.0 SFTP service on TP-Link devices. Authenticated adjacent attackers can abuse crafted symbolic links to access system files, exposing high confidentiality impact and low integrity risk. Affected component: VX800v v1.0...
CVE-2020-36994 QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service
QlikView 12.50.20000.0 contains a denial of service vulnerability in the FTP server address input field that allows local attackers to crash the application. Attackers can paste a 300-character buffer into the FTP server address field to trigger an application crash and prevent normal functionali...
CVE-2020-36994 QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service
QlikView 12.50.20000.0 contains a denial of service vulnerability in the FTP server address input field that allows local attackers to crash the application. Attackers can paste a 300-character buffer into the FTP server address field to trigger an application crash and prevent normal functionali...
TP-Link VX800v security vulnerability
The TP-Link VX800v is a VoIP gateway produced by the TP-Link company. The TP-Link VX800v 1.0 version has a security vulnerability. This vulnerability stems from improper parsing of SFTP service links, which may allow authenticated neighboring attackers to access system files using specially craft...
QlikView security vulnerabilities
QlikView is a business intelligence and data visualization analysis software developed by the American company QlikView Corporation. Version QlikView 12.50.20000.0 contains a security vulnerability. This vulnerability stems from a denial-of-service vulnerability in the FTP server address input...
CVE-2020-36983
Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. Attackers can exploit the misconfigured service binary path to inject malicious executables with elevated LocalSystem privileges during syste...
CVE-2020-36964
YATinyWinFTP contains a denial of service vulnerability that allows attackers to crash the FTP service by sending a 272-byte buffer with a trailing space. Attackers can exploit the service by connecting and sending a malformed command that triggers a buffer overflow and service crash...
PT-2026-5156
YATinyWinFTP contains a denial of service vulnerability that allows attackers to crash the FTP service by sending a 272-byte buffer with a trailing space. Attackers can exploit the service by connecting and sending a malformed command that triggers a buffer overflow and service crash...
YATinyWinFTP buffer error vulnerability
YATinyWinFTP is an FTP server developed by ik80’s individual developer. YATinyWinFTP has a buffer error vulnerability; this vulnerability arises from sending certain data that may trigger a buffer overflow, potentially leading to a denial-of-service attack...
Pablo Software Solutions Quick n Easy FTP Service Code Issues and Vulnerabilities
Pablo Software Solutions Quick n Easy FTP Service is a Windows platform FTP server software provided by Pablo Software Solutions. Version 3.2 of Pablo Software Solutions Quick n Easy FTP Service has a code vulnerability caused by an unquoted service path, which may allow local attackers to execut...
[SECURITY] Fedora 43 Update: vsftpd-3.0.5-14.fc43
vsftpd is a Very Secure FTP daemon. It was written completely from scratch...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004924)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004924 advisory. In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file over sftp over...